Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/a9qKAEtSPs0kUHAo0oRqWJu2b04.roa
File: a9qKAEtSPs0kUHAo0oRqWJu2b04.roa (raw, json)
Hash identifier: ZLE9Bn473q8htH58Fv2nPv6wTTBqanLvnI8yUbEMWJc=
Subject key identifier: 6B:DA:8A:00:4B:52:3E:CD:24:50:70:28:D2:84:6A:58:9B:B6:6F:4E
Certificate issuer: /CN=7d06a42bb2446e51f192ea375bdf7eec5a51c77f
Certificate serial: 01853EC714E70B4FE93CDDDCA561D4CBA5BB
Authority key identifier: 7D:06:A4:2B:B2:44:6E:51:F1:92:EA:37:5B:DF:7E:EC:5A:51:C7:7F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fQakK7JEblHxkuo3W99-7FpRx38.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/a9qKAEtSPs0kUHAo0oRqWJu2b04.roa
Signing time: Fri 23 Dec 2022 11:38:32 +0000
ROA not before: Fri 23 Dec 2022 11:38:32 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 15723
IP address blocks: 46.23.98.0/24 maxlen: 24
46.23.96.0/24 maxlen: 24
46.23.99.0/24 maxlen: 24
37.128.203.0/24 maxlen: 24
37.128.202.0/24 maxlen: 24
37.128.201.0/24 maxlen: 24
185.81.217.0/24 maxlen: 24
185.81.216.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:3e:c7:14:e7:0b:4f:e9:3c:dd:dc:a5:61:d4:cb:a5:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d06a42bb2446e51f192ea375bdf7eec5a51c77f
Validity
Not Before: Dec 23 11:38:32 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6bda8a004b523ecd24507028d2846a589bb66f4e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:33:50:57:7e:b6:df:7b:c9:89:12:87:fd:22:
46:66:a2:19:45:d4:48:02:1e:89:6b:4d:5c:53:bd:
56:e7:77:82:3f:1c:30:c2:6c:2d:85:08:d8:51:85:
fd:c9:98:78:b7:08:e4:33:96:47:36:3c:d5:60:48:
a6:86:12:5c:01:b9:69:de:96:00:c1:74:16:0b:e4:
25:26:d1:9b:c5:1b:8a:c1:a6:ef:6e:7f:10:23:2d:
e4:e3:07:c9:2f:34:fd:dd:01:26:4f:f4:5a:1d:17:
80:e3:b7:a6:01:2d:49:e4:7f:b2:71:1f:8a:e8:82:
6a:b2:a7:92:19:09:bf:b0:a1:61:e7:2c:73:e5:25:
f1:d7:e4:1a:af:1a:e6:ad:4c:27:ef:04:43:12:29:
a6:38:11:ee:a1:cb:1e:1a:92:b2:77:39:6b:19:a9:
32:59:80:e3:6b:88:68:40:7c:7b:54:c6:f3:81:d7:
e3:46:99:2c:56:dc:11:28:34:38:d1:f9:54:d7:b4:
4f:4f:21:89:d5:11:0b:c2:4b:4a:e9:dc:b6:ba:f4:
52:05:3e:ec:5a:b9:84:aa:82:8f:47:49:41:2e:11:
d2:b9:ba:29:d8:85:22:78:74:41:87:9a:ef:ef:97:
87:08:25:f6:94:d8:38:cd:11:d7:87:f4:89:58:64:
dd:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:DA:8A:00:4B:52:3E:CD:24:50:70:28:D2:84:6A:58:9B:B6:6F:4E
X509v3 Authority Key Identifier:
keyid:7D:06:A4:2B:B2:44:6E:51:F1:92:EA:37:5B:DF:7E:EC:5A:51:C7:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fQakK7JEblHxkuo3W99-7FpRx38.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/a9qKAEtSPs0kUHAo0oRqWJu2b04.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/fQakK7JEblHxkuo3W99-7FpRx38.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.128.201.0-37.128.203.255
46.23.96.0/24
46.23.98.0/23
185.81.216.0/23
Signature Algorithm: sha256WithRSAEncryption
63:c9:63:68:72:d5:6d:37:73:7a:e9:01:1e:c3:b6:63:ad:0c:
ac:57:95:04:06:41:9b:93:56:0f:bb:9f:77:39:07:d7:53:7e:
7b:24:84:cc:c5:fa:df:f7:c9:c1:46:76:f8:1e:95:54:65:6d:
f8:df:9e:f4:e9:c5:02:2f:03:02:00:69:20:83:e1:52:eb:09:
57:89:d5:d2:6a:68:13:55:5b:bf:8c:7e:12:58:21:e1:e7:cc:
29:60:f4:ce:52:88:cb:42:bd:a7:91:34:e0:ae:09:3d:e2:d3:
9d:cb:8d:b1:d9:25:fc:84:ae:42:15:a5:19:70:7a:6a:01:db:
35:65:77:b6:1c:36:e6:fd:82:40:19:5c:f5:f4:6c:90:97:dc:
2c:3c:60:4c:9c:c0:ae:0d:9c:e1:45:88:69:65:e6:83:76:ca:
b8:92:7b:6e:fc:bf:7a:80:c1:fd:b5:9e:f8:18:80:d9:d3:db:
bf:25:bd:11:12:0e:67:bd:17:61:ba:66:2e:bb:0a:fc:3b:a7:
b2:f7:8d:f3:b6:6f:3a:33:6a:c5:62:c8:70:44:c7:98:b5:ae:
ac:18:09:6b:19:a3:bd:47:5e:38:94:b0:e8:78:36:d0:53:3a:
2a:17:85:3f:f7:40:80:33:0f:77:a6:a4:6d:a6:c3:27:8d:78:
d1:bc:17:82
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYU+xxTnC0/pPN3cpWHUy6W7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkMDZhNDJiYjI0NDZlNTFmMTkyZWEzNzViZGY3ZWVjNWE1
MWM3N2YwHhcNMjIxMjIzMTEzODMyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YmRhOGEwMDRiNTIzZWNkMjQ1MDcwMjhkMjg0NmE1ODliYjY2ZjRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhDNQV36233vJiRKH/SJGZqIZRdRI
Ah6Ja01cU71W53eCPxwwwmwthQjYUYX9yZh4twjkM5ZHNjzVYEimhhJcAblp3pYA
wXQWC+QlJtGbxRuKwabvbn8QIy3k4wfJLzT93QEmT/RaHReA47emAS1J5H+ycR+K
6IJqsqeSGQm/sKFh5yxz5SXx1+QarxrmrUwn7wRDEimmOBHuocseGpKydzlrGaky
WYDja4hoQHx7VMbzgdfjRpksVtwRKDQ40flU17RPTyGJ1RELwktK6dy2uvRSBT7s
WrmEqoKPR0lBLhHSubop2IUieHRBh5rv75eHCCX2lNg4zRHXh/SJWGTdFQIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFGvaigBLUj7NJFBwKNKEalibtm9OMB8GA1UdIwQY
MBaAFH0GpCuyRG5R8ZLqN1vffuxaUcd/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlFha0s3SkVibEh4a3VvM1c5OS03RnBSeDM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYy83ODAwMmEtNGZjMC00ZGJmLTg1ODUt
MmNmODA2YjJkMGYyLzEvYTlxS0FFdFNQczBrVUhBbzBvUnFXSnUyYjA0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYy83ODAwMmEtNGZjMC00ZGJmLTg1ODUtMmNmODA2YjJkMGYy
LzEvZlFha0s3SkVibEh4a3VvM1c5OS03RnBSeDM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgMAwDBAAlgMkD
BAIlgMgDBAAuF2ADBAEuF2IDBAG5UdgwDQYJKoZIhvcNAQELBQADggEBAGPJY2hy
1W03c3rpAR7DtmOtDKxXlQQGQZuTVg+7n3c5B9dTfnskhMzF+t/3ycFGdvgelVRl
bfjfnvTpxQIvAwIAaSCD4VLrCVeJ1dJqaBNVW7+MfhJYIeHnzClg9M5SiMtCvaeR
NOCuCT3i053LjbHZJfyErkIVpRlwemoB2zVld7YcNub9gkAZXPX0bJCX3Cw8YEyc
wK4NnOFFiGll5oN2yriSe278v3qAwf21nvgYgNnT278lvRESDme9F2G6Zi67Cvw7
p7L3jfO2bzozasViyHBEx5i1rqwYCWsZo71HXjiUsOh4NtBTOioXhT/3QIAzD3em
pG2mwyeNeNG8F4I=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:09:50 2023 by rpki-client on console-ams.rpki-client.org